Menu
▾
▴
[Plone-cvs] r10715 - CMFPlone/branches/2.5/www
|
From: alecm <svn...@pl...> - 2006-08-31 07:41:00
|
Author: alecm
Date: Thu Aug 31 07:40:55 2006
New Revision: 10715
Added:
CMFPlone/branches/2.5/www/portrait_fix.dtml
Log:
Forgot that nasty dtml
Added: CMFPlone/branches/2.5/www/portrait_fix.dtml
==============================================================================
--- (empty file)
+++ CMFPlone/branches/2.5/www/portrait_fix.dtml Thu Aug 31 07:40:55 2006
@@ -0,0 +1,53 @@
+<dtml-var manage_page_header>
+<dtml-var manage_tabs>
+
+<p>This is a simple tool for purging members who have uploaded non-image files
+as their member portraits in an attempted cross site scripting attack. The
+issue which allowed such portraits to be uploaded has been resolved, and this
+tool should remove any existing members who have attempted to exploint this
+issue.
+</p>
+
+<hr />
+<dtml-if search_for_bad_members>
+ <dtml-let ids="getBadMembers()">
+ <dtml-if ids>
+ <p>Found <dtml-var "len(ids)"> bad members</p>
+ <form name="purge_bad_members"
+ method="POST"
+ action="manage_portrait_fix">
+ <ul>
+ <dtml-in ids>
+ <li><dtml-var sequence-item></li>
+ <input type="hidden"
+ name="member_ids:list"
+ value="&dtml-sequence-item;"/>
+ </dtml-in>
+ </ul>
+ <input type="checkbox"
+ name="delete_memberareas:bool"
+ checked="true">Delete member areas
+ <br />
+ <input type="submit"
+ name="purge_bad_members"
+ value="Remove These Members" />
+ </form>
+ <dtml-else>
+ <p>No bad members found</p>
+ </dtml-if>
+ </dtml-let>
+<dtml-elif purge_bad_members>
+
+ <dtml-let deleted="deleteMembers(member_ids, REQUEST.get('delete_memberareas', False))">
+ <dtml-call "portal_memberdata.pruneMemberDataContents()">
+ <p>Deleted <dtml-var "len(deleted)"> bad members</p>
+ </dtml-let>
+<dtml-else>
+ <form name="get_bad_members"
+ method="POST"
+ action="manage_portrait_fix">
+
+ <input type="submit" name="search_for_bad_members"
+ value="Find Bad Members" />
+ </form>
+</dtml-if>
\ No newline at end of file
|